package com.qjc.filter;

import lombok.extern.slf4j.Slf4j;

import javax.servlet.*;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import java.io.IOException;

/**
 * 敏感字
 * Servlet Filter implementation class MyFilterOne
 */
@Slf4j
@WebFilter(urlPatterns = "/*", filterName = "ccdd")
public class MyFilterOne implements Filter {

    /**
     * Default constructor.
     */
    private String words[];//存放规定的敏感字
    private String encoding;//存放要使用的编码格式
    public MyFilterOne() {
        // TODO Auto-generated constructor stub
    }

    /**
     * @see Filter#destroy()
     */
    @Override
    public void destroy() {
        // TODO Auto-generated method stub
        this.words=null;
        this.encoding =null;
    }

    /**
     * @see Filter#doFilter(ServletRequest, ServletResponse, FilterChain)
     */
    @Override
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
            throws IOException, ServletException {
        // TODO Auto-generated method stub
        // place your code here

        // pass the request along the filter chain
        if(encoding!=null) {
            request.setCharacterEncoding(encoding);//设置request字符编码
            request=new Request((HttpServletRequest)request);
            //将传递的ServletRequest对象转化为自定义的Request对象，即可实现非法字符的过滤
            response.setContentType("text/html;charset="+encoding);//设置response字符编码
        }
        chain.doFilter(request, response);
    }

    /**
     * @see Filter#init(FilterConfig)
     */
    @Override
    public void init(FilterConfig fConfig) throws ServletException {
        // TODO Auto-generated method stub
        words=new String[] {"糟糕","混蛋"};//定义敏感字符
        encoding=fConfig.getInitParameter("encoding");
    }
    class Request extends HttpServletRequestWrapper{
        /*创建内部类Request，
        该类继承HttpServletRequestWrapper，
        是HttpServletRequest的装饰类，
        用来改变HttpServletRequest的状态，
        从而达到对请求内容的过滤的功能*/
        public Request(HttpServletRequest request) {
            super(request);
            // TODO 自动生成的构造函数存根
        }
        /*重写getParameter方法
         * 对请求结果进行过滤*/
        @Override
        public String getParameter(String name) {
            return filter(super.getRequest().getParameter("name"));
        }
        /*重写getParameterValues方法
         * 通过循环取出每一个请求结果
         * 再对请求结果进行过滤*/
        @Override
        public String[] getParameterValues(String name) {
            String values[]=super.getRequest().getParameterValues("name");
            for(int i=0;i<values.length;i++) {
                values[i]=filter(values[i]);
            }
            return values;
        }
    }
    /*创建过滤方法filter
     * 当敏感字不为空的时候，
     * 分别对每一个敏感字循环一次
     * 如果在param中发现敏感字则将其替换为“****” */
    public String filter(String param) {
        try{if(words!=null&&words.length>0) {
            for(int i=0;i<words.length;i++) {
                if(param.indexOf(words[i])!=-1) {
                    param=param.replaceAll(words[i], "****");
                }
            }
        }}catch(Exception e) {
            e.printStackTrace();
        }
        return param;
    }
}
